From 8e98ea181c426539e50af9ef96f05ea7d78214ae Mon Sep 17 00:00:00 2001
From: Mayne0213 <bluemayne0213@icloud.com>
Date: Sun, 28 Dec 2025 00:05:29 +0900
Subject: [PATCH] FIX(postgresql): vault PostgreSQL connection

- using environment variable
- Removed hardcoded connection_url from config
- Use VAULT_PG_CONNECTION_URL environment variable instead
- Connection URL stored securely in vault-pg-connection Secret
- Fixes environment variable substitution issue in HCL config
---
 vault/helm-values/vault.yaml | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/vault/helm-values/vault.yaml b/vault/helm-values/vault.yaml
index fa8ad94..f31d5d2 100644
--- a/vault/helm-values/vault.yaml
+++ b/vault/helm-values/vault.yaml
@@ -25,7 +25,6 @@ server:
       }
 
       storage "postgresql" {
-        connection_url = "postgres://vault:${VAULT_POSTGRES_PASSWORD}@postgresql-cnpg-rw.postgresql-cnpg.svc.cluster.local:5432/vault?sslmode=disable"
       }
 
       # Optional: Enable Prometheus metrics
@@ -36,9 +35,9 @@ server:
 
   # Environment variables from secrets
   extraSecretEnvironmentVars:
-    - envName: VAULT_POSTGRES_PASSWORD
-      secretName: vault-postgres-password
-      secretKey: password
+    - envName: VAULT_PG_CONNECTION_URL
+      secretName: vault-pg-connection
+      secretKey: connection_url
 
   # 리소스 제한
   resources: